Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
I wanted to start a thread about the use of the root account. Reason being is that I had some questions that I wanted to get some feedback on about the proper use of the root account.
One thing I'm currently in the habit of is using the root account for a lot of the work I do. I am doing mostly, if not all, admin work on all of our servers. I understand that root is a very sensitive account. But, what would you recommend as guidelines for use of the root account?
I mean, at this time, we currently have only one office (soon to change though) with all of our servers internal. Even though everything is internal, I would still like to find out some proper usage/guidelines, thoughts etc to make sure im not abusing the root account. (meaning, is it bad to consistenly use the root account for daily admin duties.)
I'm looking forward to hearing some responses and recommendations.
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
My first recommendation would be to install and configure sudo. That lets you execute single commands with root privilages, without actually logging in as that account. Make sure you only grant the sudo privilages that you will actually need, not ALL ALL:ALL. This is a very handy tool if you have to grant an admin very limited access to change a few things, but you don't want them to have full control over the box.
Whether delegating tasks tru sudo works or not, make sure you deny remote access to the account, fixate file attributes (chattr), limit the time spent and limit the "freedom" of movement during interactive logins, like exporting sane environment variables, checking $TMP/dir/file ownage, minimize using SXid tools, tools shared with "human" users or outside root's trusted $PATH and not using recreational utilities or games.
For the rest it's IMO just using common sense, like for instance you don't need root privileges to build (rpm) packages, and plain vigilance like enforcing regular audits (integrity, system, network), log(in) checks etc etc.